<?php

 include_once ('mysql/dbHelper.php');

 echo getcwd();
 return;
//$host="localhost";
//echo $host;
//echo '<br>';
session_start();
$tblName="user";
//get username and password from the form
$myusername = $_POST['username'];
$mypassword = $_POST['password'];

//protect against injection here todo

//build the query
$sqlSelect = "SELECT * FROM $tblName WHERE username='$myusername' and password='$mypassword'";
//echo $sql;
//echo '<br>';
//send it
$result = executeSelect($sqlSelect);

//count num rows returned
$count = mysqli_num_rows($result);

if($count==1){
	//echo 'Successful Login';
        //echo '<br>';
        while($row = mysqli_fetch_assoc($result)){
            //echo $row['username'];
            //echo '<br>';
            //echo $row['password'];
            //echo '<br>';
            $role = $row['role'];
            //echo $role;
        }
        
        
        $_SESSION['role'] = $role;
        $_SESSION['username'] = $myusername;         
            header("location:mainPage.php");

}
else{
	echo "Wrong Username or Password";
}

?>